﻿<?php session_start(); ?>
<?php if(isset($_SESSION['name'])) {
    header('location:admin.php');
}?>

<html xmlns="http://www.w3.org/1999/xhtml">

<!-- Mirrored from jannek.fi/themeforest/proadmin/login.html by HTTrack Website Copier/3.x [XR&CO'2008], Wed, 26 Nov 2008 20:37:25 GMT -->
<head>
<title>ProAdmin - Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />

<!--// FOLLOWING SCRIPT IS FOR PNG FIX IE5.5/IE6-->
    

<!--[if lt IE 7]>
<script defer type="text/javascript" src="js/pngfix.js"></script> 
<![endif]--> 


<!--//  Styles starts -->


<link href="css/login.css" rel="stylesheet" type="text/css" />


</head>
<body>
<?php
	if(isset($_POST['submit'])) {
	$errors = array();
	$required = array('username','password');
	foreach($required as $fieldname) {
    if(!isset($_POST[$fieldname]) || empty($_POST[$fieldname])) {
        $errors[]= "<font color='red'> Vui lòng nhập <strong>{$fieldname}  </strong> </font>  ";
    }
}//End: foreach
if(empty($errors)) {
    $conn = mysqli_connect('localhost','root','','qltb') or die('Could not connect to DB');
    $username = mysqli_real_escape_string($conn,$_POST['username']);
    $password = mysqli_real_escape_string($conn,$_POST['password']);
    $hash_pw = sha1($password); 
    $query = "SELECT CONCAT_WS(' ', username, password) 
              AS name
              FROM members
              WHERE username='$username'
              AND password='$hash_pw'
              LIMIT 1";
    $result = mysqli_query($conn,$query) or die(mysqli_error($conn));
    if(mysqli_num_rows($result) == 1) {
        while($rows = mysqli_fetch_array($result,MYSQLI_ASSOC)) {
            $_SESSION['name'] = $rows['name'];
            $_SESSION['uname'] = $username;
            header('location:index.php');
        }
    } else {
        $errors[] = "Tài khoản hoặc mật khẩu không đúng.";
    }
}

}//End if($_POST['submit'])
else {
    if(isset($_GET['stat']) && $_GET['stat'] == 1) {
        $message = "<ul><li>You are now logged out.</li></ul>";
    }
}
?>
	<div class="box">
		<div class="welcome" id="welcometitle">Welcome to NAAS, Please Login: <!--//  Welcome message -->
	</div>
    <div id="wrapper">
       
<form action='' method='post'>
  <div id="fields"> 
    <table width="333">
    
      <tr>
       
        <td width="79" height="35"><span class="login">USERNAME</span></td>
        <td width="244" height="35"><label>
          <input name="username" type="text" class="fields" id="username" size="30" />  <!--//  Username field  -->
        </label></td>
      </tr>
      
      
      <tr>
        <td height="35"><span class="login">PASSWORD</span></td>
        <td height="35"><input name="password" type="password" class="fields" id="password" size="30" /></td> <!--//  Password field -->
      </tr>
      
      
      <tr>
        <td height="65">&nbsp;</td>
        <td height="65" valign="middle"><label>
          <input name="submit" type="submit" class="button" id="button" value="LOGIN" />
          <!--//  login button -->
        </label></td>
      </tr>
    </table>
  </div>
 </form>
        
        <div class="login" id="lostpassword"><a href="#">Lost Password?</a></div> <!--//  lost password part -->
  
  <div class="copyright" id="copyright">VietNam Datacomunication Company.<br />
  <!--//  copyright / footer -->
   <?php if(!empty($errors)) {
            echo "<ul>";
            foreach($errors as $error) {
                echo "<li>{$error}</li>";
            }
            echo "</ul>";
        }?>
        
        <?php if(isset($message)) echo $message;?>
 </div>
</div>


</body>

<!-- Mirrored from jannek.fi/themeforest/proadmin/login.html by HTTrack Website Copier/3.x [XR&CO'2008], Wed, 26 Nov 2008 20:37:26 GMT -->
</html>